On 08 Dec 2003 11:00:22 +0200, [EMAIL PROTECTED] writes: > On 06 Dec 2003 17:21:54 -0600, Scott A Crosby <[EMAIL PROTECTED]> > posted to spamassassin-talk:
> It would be good to have a rule to match the general pattern. It's > probably too much work to generate that sort of email by hand so > chances are you can find a unique pattern if you collect a few > messages which have this obfuscation. Unless there are so many patterns such that its difficult to detect all of them-- one of the problems in defending against collage attacks is the moment you workaround one, they can always create another variant. > This has been going around for at least a year; it's reported in the > Spammers' Compendium <http://www.jgc.org/tsc/> as of Jan 17, 2003 > (it's the "Slice and Dice" pattern). Excellent URL. Thanks. > One thing to go by might be the silliness of using HTML to send > monospaced text. I mean, what's the point of that (unless you actually > +want+ your ad to be ugly [1])? Personally, I think the fundamental problem is HTML. HTML is too powerful of a display language to be filtered, and thats before JavaScript is added into the mix. Just look at the URL above. Almost all of those tricks are directly enabled by HTML. IMHO, I'd be perfectly happy with a spam filter that bitbucked HTML, and caught all plaintext spam. If someone wants HTML, then they can deal with the collaged spam. Scott ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
